CVE-2024-23790 | OTRS up to 7.0.48/8.0.37/2023.1.1 User Avatar unrestricted upload

Posted by Angelo Barbosa | Jan 29, 2024 | CVE

A vulnerability was found in OTRS up to 7.0.48/8.0.37/2023.1.1 and classified as critical. Affected by this issue is some unknown functionality of the component User Avatar Handler. The manipulation leads to unrestricted upload.

This vulnerability is handled as CVE-2024-23790. The attack may be launched remotely. There is no exploit available.

CVE-2024-23790 | OTRS up to 7.0.48/8.0.37/2023.1.1 User Avatar unrestricted upload

Related Posts

CVE-2024-36279 | FreeFrom App up to 1.3.4 on Android/iOS channel accessible

CVE-2023-46456 | GL.iNet GL-AR300M up to 3.216 OpenVPN Client File Upload os command injection

CVE-2024-4420 | Tink Tink-cc up to 2.1.2 JsonKeysetReader denial of service

CVE-2023-46218 | cURL up to 8.4.0 Cookie lib/cookie.c Curl_cookie_add information disclosure